From 928fd82e02234d4d43ed4ca15b53de7b962eb20d Mon Sep 17 00:00:00 2001 From: Artem Rootman <4586640+artemrootman@users.noreply.github.com> Date: Wed, 21 Aug 2024 16:38:02 +0000 Subject: [PATCH 1/3] Fix service.yaml template error: handle nil values for service.ports Previously, an error occurred when trying to access .Values.service.ports in the template, leading to a nil pointer dereference. This commit corrects the issue by ensuring that service.ports is checked for existence before attempting to access it, preventing the error from occurring. Changes: - Updated service.yaml to use `{{- with .Values.service }}...{{- end }}` for conditional rendering of ports. --- packages/apps/virtual-machine/templates/service.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/packages/apps/virtual-machine/templates/service.yaml b/packages/apps/virtual-machine/templates/service.yaml index df656fa28..58b602b0a 100644 --- a/packages/apps/virtual-machine/templates/service.yaml +++ b/packages/apps/virtual-machine/templates/service.yaml @@ -18,11 +18,13 @@ spec: - name: ssh port: 22 targetPort: 22 - {{- if .Values.service.ports }} - {{- range .Values.service.ports }} + {{- with .Values.service }} + {{- if .ports }} + {{- range .ports }} - name: {{ .name }} port: {{ .port }} targetPort: {{ .targetPort }} {{- end }} {{- end }} + {{- end }} {{- end }} From 8fc92cb2afb79cc9ac52c7be82cdca6f1ca20a0b Mon Sep 17 00:00:00 2001 
From: Artem Rootman <4586640+artemrootman@users.noreply.github.com> Date: Wed, 21 Aug 2024 17:58:06 +0000 Subject: [PATCH 2/3] Add user parameter and fix template rendering issues - Added `user` parameter to the Helm chart with a default value of `username`. - Updated `values.yaml` to include documentation for the new `user` parameter. - Updated `values.schema.json` to validate the `user` parameter as a string. - Modified `vm.yaml` template to include `user` in the cloud-init configuration. - Fixed `service.yaml` template to correctly handle the `ports` field in `service`. - Improved documentation in `README.md` to reflect the addition of the `user` parameter. --- packages/apps/virtual-machine/README.md | 1 + packages/apps/virtual-machine/templates/service.yaml | 6 ++---- packages/apps/virtual-machine/templates/vm.yaml | 1 + packages/apps/virtual-machine/values.schema.json | 5 +++++ packages/apps/virtual-machine/values.yaml | 2 ++ 5 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/packages/apps/virtual-machine/README.md b/packages/apps/virtual-machine/README.md
index 2a07ab255..05034b344 100644
--- a/packages/apps/virtual-machine/README.md
+++ b/packages/apps/virtual-machine/README.md
@@ -24,6 +24,7 @@ The virtual machine is managed and hosted through KubeVirt, allowing you to harn | `resources.disk` | The size of the disk allocated for the virtual machine | `5Gi` | | `sshPwauth` | Enable password authentication for SSH. If set to `true`, users can log in using a password | `true` | | `disableRoot` | Disable root login via SSH. If set to `true`, root login will be disabled | `true` | +| `user` | The username to be used for the virtual machine. Default is `username` | `username` | | `password` | The default password for the virtual machine | `hackme` | | `chpasswdExpire` | Set whether the password should expire | `false` | | `sshKeys` | List of SSH public keys for authentication. Can be a single key or a list of keys | `["ssh-rsa ...","ssh-ed25519 ..."]` | diff --git a/packages/apps/virtual-machine/templates/service.yaml b/packages/apps/virtual-machine/templates/service.yaml index 58b602b0a..4cffed90d 100644 --- a/packages/apps/virtual-machine/templates/service.yaml +++ b/packages/apps/virtual-machine/templates/service.yaml @@ -18,13 +18,11 @@ spec: - name: ssh port: 22 targetPort: 22 - {{- with .Values.service }} - {{- if .ports }} - {{- range .ports }} + {{- if (.Values.service).ports }} + {{- range .Values.service.ports }} - name: {{ .name }} port: {{ .port }} targetPort: {{ .targetPort }} {{- end }} {{- end }} - {{- end }} {{- end }} diff --git a/packages/apps/virtual-machine/templates/vm.yaml b/packages/apps/virtual-machine/templates/vm.yaml index e344de322..472c3b6a0 100644 --- a/packages/apps/virtual-machine/templates/vm.yaml +++ b/packages/apps/virtual-machine/templates/vm.yaml 
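Review bot: The nil-safe lookup is applied only on the `if` line of the service.yaml hunk; the `range` below it goes back to plain `.Values.service.ports` and is safe only because it is nested inside that `if`. Since `range` over a missing or empty list renders nothing, both lines can collapse into `{{- range (.Values.service).ports }}` with one fewer `{{- end }}`. The entries are also emitted unquoted (`- name: {{ .name }}`) and no schema for `service.ports` is visible in this series, so `name: {{ .name | quote }}` and `port: {{ .port | int }}` would keep a malformed value from reshaping the Service spec. The enclosing template block opens outside the hunk.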
@@ -63,6 +63,7 @@ spec: #cloud-config ssh_pwauth: {{ if .Values.sshPwauth | default false }}True{{ else }}False{{ end }} disable_root: {{ if .Values.disableRoot | default false }}True{{ else }}False{{ end }} + user: {{ .Values.user }} password: {{ .Values.password }} chpasswd: { expire: {{ if .Values.chpasswdExpire | default false }}True{{ else }}False{{ end }} } ssh_authorized_keys: diff --git a/packages/apps/virtual-machine/values.schema.json b/packages/apps/virtual-machine/values.schema.json index 843039a5a..0802fe995 100644 --- a/packages/apps/virtual-machine/values.schema.json +++ b/packages/apps/virtual-machine/values.schema.json @@ -59,6 +59,11 @@ "description": "Disable root login via SSH. If set to `true`, root login will be disabled", "default": true }, + "user": { + "type": "string", + "description": "The username to be used for the virtual machine. Default is `username`", + "default": "username" + }, "password": { "type": "string", "description": "The default password for the virtual machine", diff --git a/packages/apps/virtual-machine/values.yaml b/packages/apps/virtual-machine/values.yaml index f1f5701ee..377209172 100644 --- a/packages/apps/virtual-machine/values.yaml +++ b/packages/apps/virtual-machine/values.yaml @@ -9,6 +9,7 @@ ## @param resources.disk The size of the disk allocated for the virtual machine ## @param sshPwauth Enable password authentication for SSH. If set to `true`, users can log in using a password ## @param disableRoot Disable root login via SSH. If set to `true`, root login will be disabled +## @param user The username to be used for the virtual machine. Default is `username` ## @param password The default password for the virtual machine ## @param chpasswdExpire Set whether the password should expire ## @param sshKeys List of SSH public keys for authentication. Can be a single key or a list of keys 
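Review bot: `user: {{ .Values.user }}` in the vm.yaml hunk is written into the cloud-init user data unquoted, so cloud-init re-parses the value as YAML: a name such as `no` or `1234` changes type, and a value containing `: `, ` #` or a line break alters the surrounding cloud-config instead of only setting the username. Emit it as `user: {{ .Values.user | quote }}`; the neighbouring context line `password: {{ .Values.password }}` has the same weakness and is the more likely of the two to carry special characters. The values.schema.json hunk in this patch accepts any string for `user`, so a constraint such as `"pattern": "^[a-z_][a-z0-9_-]*$"` would reject bad input at install time rather than at first boot. The cloud-config block starts and ends outside the hunk.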
@@ -23,6 +24,7 @@ resources: disk: 5Gi sshPwauth: true disableRoot: true +user: username password: hackme chpasswdExpire: false sshKeys: From c47a6a29c2f134007781314a84cba450536a92ef Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Fri, 30 Aug 2024 11:46:13 +0200 Subject: [PATCH 3/3] Update Virtual Machine Signed-off-by: Andrei Kvapil --- packages/apps/virtual-machine/Chart.yaml | 2 +- packages/apps/virtual-machine/README.md | 90 +++++++++++-------- .../virtual-machine/templates/secret.yaml | 21 +++++ .../virtual-machine/templates/service.yaml | 15 +--- .../apps/virtual-machine/templates/vm.yaml | 46 +++++----- .../apps/virtual-machine/values.schema.json | 45 ++++------ packages/apps/virtual-machine/values.yaml | 39 +++++--- 7 files changed, 146 insertions(+), 112 deletions(-) create mode 100644 packages/apps/virtual-machine/templates/secret.yaml diff --git a/packages/apps/virtual-machine/Chart.yaml b/packages/apps/virtual-machine/Chart.yaml index e0cdeeb7b..6affe7999 100644 --- a/packages/apps/virtual-machine/Chart.yaml +++ b/packages/apps/virtual-machine/Chart.yaml @@ -17,7 +17,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.0 +version: 0.4.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/virtual-machine/README.md b/packages/apps/virtual-machine/README.md index 05034b344..0d8bf4573 100644 --- a/packages/apps/virtual-machine/README.md +++ b/packages/apps/virtual-machine/README.md 
@@ -9,52 +9,72 @@ The virtual machine is managed and hosted through KubeVirt, allowing you to harn - Docs: [KubeVirt User Guide](https://kubevirt.io/user-guide/) - GitHub: [KubeVirt Repository](https://github.com/kubevirt/kubevirt) +## Accessing virtual machine + +You can access the virtual machine using the virtctl tool: +- [KubeVirt User Guide - Virtctl Client Tool](https://kubevirt.io/user-guide/user_workloads/virtctl_client_tool/) + +To access the serial console: + +``` +virtctl console +``` + +To access the VM using VNC: + +``` +virtctl vnc +``` + +To SSH into the VM: + +``` +virtctl ssh @ +``` + ## Parameters ### Common parameters -| Name | Description | Value | -| ------------------ | ------------------------------------------------------------------------------------------------- | ----------------------------------- | -| `external` | Enable external access from outside the cluster | `false` | -| `running` | Determines if the virtual machine should be running | `true` | -| `image` | The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine` and `fedora` | `ubuntu` | -| `storageClass` | StorageClass used to store the data | `replicated` | -| `resources.cpu` | The number of CPU cores allocated to the virtual machine | `1` | -| `resources.memory` | The amount of memory allocated to the virtual machine | `1024M` | -| `resources.disk` | The size of the disk allocated for the virtual machine | `5Gi` | -| `sshPwauth` | Enable password authentication for SSH. If set to `true`, users can log in using a password | `true` | -| `disableRoot` | Disable root login via SSH. If set to `true`, root login will be disabled | `true` | -| `user` | The username to be used for the virtual machine. Default is `username` | `username` | -| `password` | The default password for the virtual machine | `hackme` | -| `chpasswdExpire` | Set whether the password should expire | `false` | -| `sshKeys` | List of SSH public keys for authentication. 
Can be a single key or a list of keys | `["ssh-rsa ...","ssh-ed25519 ..."]` | +| Name | Description | Value | +| ------------------ | ------------------------------------------------------------------------------------------------- | ---------------- | +| `external` | Enable external access from outside the cluster | `false` | +| `externalPorts` | Specify ports to forward from outside the cluster | `[]` | +| `running` | Determines if the virtual machine should be running | `true` | +| `image` | The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine` and `fedora` | `ubuntu` | +| `storageClass` | StorageClass used to store the data | `replicated` | +| `resources.cpu` | The number of CPU cores allocated to the virtual machine | `1` | +| `resources.memory` | The amount of memory allocated to the virtual machine | `1024M` | +| `resources.disk` | The size of the disk allocated for the virtual machine | `5Gi` | +| `sshKeys` | List of SSH public keys for authentication. Can be a single key or a list of keys. | `[]` | +| `cloudInit` | cloud-init user data config. See cloud-init documentation for more details. | `#cloud-config +` | You can customize the exposed ports by specifying them under `service.ports` in the `values.yaml` file. -## Example `values.yaml` +## Example virtual machine: ```yaml -external: false +external: true +externalPorts: +- 22 +- 80 +- 443 running: true -image: ubuntu +image: fedora +storageClass: replicated resources: cpu: 1 memory: 1024M - disk: 5Gi -sshPwauth: true -disableRoot: true -password: hackme -chpasswdExpire: false -sshKeys: - - YOUR_SSH_PUB_KEY_HERE - - ANOTHER_SSH_PUB_KEY_HERE - -service: - ports: - - name: http - port: 80 - targetPort: 80 - - name: https - port: 443 - targetPort: 443 + disk: 10Gi + +sshKeys: +- ssh-rsa ... + +cloudInit: | + #cloud-config + user: fedora + password: fedora + chpasswd: { expire: False } + ssh_pwauth: True ``` 
diff --git a/packages/apps/virtual-machine/templates/secret.yaml b/packages/apps/virtual-machine/templates/secret.yaml new file mode 100644 index 000000000..a92a7b6bd --- /dev/null +++ b/packages/apps/virtual-machine/templates/secret.yaml @@ -0,0 +1,21 @@ +{{- if .Values.sshKeys }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "virtual-machine.fullname" $ }}-ssh-keys +stringData: + {{- range $k, $v := .Values.sshKeys }} + key{{ $k }}: {{ quote $v }} + {{- end }} +{{- end }} +{{- if .Values.cloudInit }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "virtual-machine.fullname" . }}-cloud-init +stringData: + userdata: | + {{- .Values.cloudInit | nindent 4 }} +{{- end }} diff --git a/packages/apps/virtual-machine/templates/service.yaml b/packages/apps/virtual-machine/templates/service.yaml index 4cffed90d..9c1dc2aa1 100644 --- a/packages/apps/virtual-machine/templates/service.yaml +++ b/packages/apps/virtual-machine/templates/service.yaml @@ -8,21 +8,14 @@ metadata: {{- include "virtual-machine.labels" . | nindent 4 }} spec: type: {{ ternary "LoadBalancer" "ClusterIP" .Values.external }} - {{- if .Values.external }} externalTrafficPolicy: Local allocateLoadBalancerNodePorts: false - {{- end }} selector: {{- include "virtual-machine.labels" . | nindent 4 }} ports: - - name: ssh - port: 22 - targetPort: 22 - {{- if (.Values.service).ports }} - {{- range .Values.service.ports }} - - name: {{ .name }} - port: {{ .port }} - targetPort: {{ .targetPort }} - {{- end }} + {{- range .Values.externalPorts }} + - name: port-{{ . }} + port: {{ . }} + targetPort: {{ . }} {{- end }} {{- end }} diff --git a/packages/apps/virtual-machine/templates/vm.yaml b/packages/apps/virtual-machine/templates/vm.yaml index 472c3b6a0..421175644 100644 --- a/packages/apps/virtual-machine/templates/vm.yaml +++ b/packages/apps/virtual-machine/templates/vm.yaml 
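Review bot: The `-cloud-init` Secret in secret.yaml is created only under `{{- if .Values.cloudInit }}`, but the vm.yaml hunk in this patch mounts `cloudinitdisk` with a `secretRef` to that same name under `{{- if or .Values.sshKeys .Values.cloudInit }}`. With `sshKeys` set and `cloudInit` empty, the VM would reference a Secret that is never rendered and would likely fail to start. Use the same condition here, `{{- if or .Values.sshKeys .Values.cloudInit }}`, and fall back to a bare header for the body, `{{- .Values.cloudInit | default "#cloud-config" | nindent 4 }}`. Both Secrets also lack the `virtual-machine.labels` block that the Service carries, and the first passes `$` where the second passes `.` to the same `include`.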
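Review bot: In service.yaml, `ports:` is now filled only by the `range` over `.Values.externalPorts`, so an empty list (the README in this patch documents `[]` as the default) renders `ports:` as null and the API server should reject the Service. Fail early instead, e.g. `{{- if not .Values.externalPorts }}{{ fail "externalPorts must list at least one port" }}{{- end }}`. The hunk also drops the `{{- if .Values.external }}` guard around `externalTrafficPolicy: Local` and `allocateLoadBalancerNodePorts: false` while `type` can still render as `ClusterIP`, a combination Kubernetes validation does not accept; unless the enclosing block that opens outside the hunk already limits rendering to `external: true`, the guard should stay. Every entry in `externalPorts` becomes an externally reachable listener when `external` is on, which deserves a one-line comment above the `range`.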
@@ -45,35 +45,39 @@ spec: - disk: bus: scsi name: systemdisk + {{- if or .Values.sshKeys .Values.cloudInit }} - disk: bus: virtio name: cloudinitdisk + {{- end }} + interfaces: + - name: default + bridge: {} machine: type: "" resources: requests: memory: {{ .Values.resources.memory | quote }} + {{- with .Values.sshKeys }} + accessCredentials: + - sshPublicKey: + source: + secret: + secretName: {{ include "virtual-machine.fullname" $ }}-ssh-keys + propagationMethod: + noCloud: {} + {{- end }} terminationGracePeriodSeconds: 30 volumes: - - dataVolume: + - name: systemdisk + dataVolume: name: {{ include "virtual-machine.fullname" . }} - name: systemdisk - - cloudInitNoCloud: - userData: |- - #cloud-config - ssh_pwauth: {{ if .Values.sshPwauth | default false }}True{{ else }}False{{ end }} - disable_root: {{ if .Values.disableRoot | default false }}True{{ else }}False{{ end }} - user: {{ .Values.user }} - password: {{ .Values.password }} - chpasswd: { expire: {{ if .Values.chpasswdExpire | default false }}True{{ else }}False{{ end }} } - ssh_authorized_keys: - {{- if .Values.sshKeys }} - {{- $keys := .Values.sshKeys }} - {{- if not (kindIs "slice" $keys) }} - {{- $keys = list $keys }} - {{- end }} - {{- range $keys }} - - {{ . }} - {{- end }} - {{- end }} - name: cloudinitdisk + {{- if or .Values.sshKeys .Values.cloudInit }} + - name: cloudinitdisk + cloudInitNoCloud: + secretRef: + name: {{ include "virtual-machine.fullname" . }}-cloud-init + {{- end }} + networks: + - name: default + pod: {} diff --git a/packages/apps/virtual-machine/values.schema.json b/packages/apps/virtual-machine/values.schema.json index 0802fe995..57b4d65cb 100644 --- a/packages/apps/virtual-machine/values.schema.json +++ b/packages/apps/virtual-machine/values.schema.json 
@@ -7,6 +7,14 @@ "description": "Enable external access from outside the cluster", "default": false }, + "externalPorts": { + "type": "array", + "description": "Specify ports to forward from outside the cluster", + "default": "[]", + "items": { + "type": "string" + } + }, "running": { "type": "boolean", "description": "Determines if the virtual machine should be running", @@ -49,41 +57,18 @@ } } }, - "sshPwauth": { - "type": "boolean", - "description": "Enable password authentication for SSH. If set to `true`, users can log in using a password", - "default": true - }, - "disableRoot": { - "type": "boolean", - "description": "Disable root login via SSH. If set to `true`, root login will be disabled", - "default": true - }, - "user": { - "type": "string", - "description": "The username to be used for the virtual machine. Default is `username`", - "default": "username" - }, - "password": { - "type": "string", - "description": "The default password for the virtual machine", - "default": "hackme" - }, - "chpasswdExpire": { - "type": "boolean", - "description": "Set whether the password should expire", - "default": false - }, "sshKeys": { "type": "array", - "description": "List of SSH public keys for authentication. Can be a single key or a list of keys", - "default": [ - "ssh-rsa ...", - "ssh-ed25519 ..." - ], + "description": "List of SSH public keys for authentication. Can be a single key or a list of keys.", + "default": "[]", "items": { "type": "string" } + }, + "cloudInit": { + "type": "string", + "description": "cloud-init user data config. See cloud-init documentation for more details.", + "default": "#cloud-config\n" } } } diff --git a/packages/apps/virtual-machine/values.yaml b/packages/apps/virtual-machine/values.yaml index 377209172..e7995e9ae 100644 --- a/packages/apps/virtual-machine/values.yaml +++ b/packages/apps/virtual-machine/values.yaml 
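Review bot: `externalPorts` declares `"items": { "type": "string" }`, while values.yaml in this patch sets `externalPorts` to `- 22` and the README example lists `22`, `80` and `443` as bare integers, so schema validation and the shipped defaults disagree. Declare the items as `{ "type": "integer", "minimum": 1, "maximum": 65535 }` so that only valid port numbers reach the Service template. The `"default": "[]"` on both `externalPorts` and `sshKeys` is a string rather than an empty array; if this file is generated from the `@param` annotations, the correction may belong in the generator input instead.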
@@ -1,20 +1,18 @@ ## @section Common parameters ## @param external Enable external access from outside the cluster +## @param externalPorts [array] Specify ports to forward from outside the cluster ## @param running Determines if the virtual machine should be running ## @param image The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine` and `fedora` ## @param storageClass StorageClass used to store the data ## @param resources.cpu The number of CPU cores allocated to the virtual machine ## @param resources.memory The amount of memory allocated to the virtual machine ## @param resources.disk The size of the disk allocated for the virtual machine -## @param sshPwauth Enable password authentication for SSH. If set to `true`, users can log in using a password -## @param disableRoot Disable root login via SSH. If set to `true`, root login will be disabled -## @param user The username to be used for the virtual machine. Default is `username` -## @param password The default password for the virtual machine -## @param chpasswdExpire Set whether the password should expire -## @param sshKeys List of SSH public keys for authentication. Can be a single key or a list of keys external: false +externalPorts: +- 22 + running: true image: ubuntu storageClass: replicated 
@@ -22,11 +20,24 @@ resources: cpu: 1 memory: 1024M disk: 5Gi -sshPwauth: true -disableRoot: true -user: username -password: hackme -chpasswdExpire: false -sshKeys: - - ssh-rsa ... - - ssh-ed25519 ... + +## @param sshKeys [array] List of SSH public keys for authentication. Can be a single key or a list of keys. +## Example: +## sshKeys: +## - ssh-rsa ... +## - ssh-ed25519 ... +## +sshKeys: [] + +## @param cloudInit cloud-init user data config. See cloud-init documentation for more details. +## - https://cloudinit.readthedocs.io/en/latest/explanation/format.html +## - https://cloudinit.readthedocs.io/en/latest/reference/examples.html +## Example: +## cloudInit: | +## #cloud-config +## password: ubuntu +## chpasswd: { expire: False } +## +cloudInit: | + #cloud-config +
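Review bot: The commented `cloudInit` example models a fixed, non-expiring password (`password: ubuntu`, `chpasswd: { expire: False }`), and the README example in this patch pairs the same pattern with `external: true`, port 22 and `ssh_pwauth: True`. Since `sshKeys` is now delivered through `accessCredentials` in vm.yaml, the example would be safer as key-only, for instance replacing the password lines with `##   ssh_pwauth: False`. A short comment such as `## Stored in a Secret; avoid static passwords on VMs with external: true.` above the example would tell users where the data ends up and why the default stays empty.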